this feed is not available

This is the place to report bugs and get support. When posting in this forum, please always provide as much detail as possible.

Please do not report problems with a custom build or custom code in this forum. If you are producing your own build from the source code and have problems or questions, ask in the developer forum, do not report it as a bug.

This is the place to report bugs and get support

When posting in this forum, please try to provide as many relevant details as possible. Particularly the following:

What operating system were you running when the bug appeared?
What database platform is your site using?
What version of mojoPortal are you running?
What version of .NET do you use?
What steps are necessary to reproduce the issue? Compare expected results vs actual results.

This thread is closed to new posts. You must sign in to post in the forums.

7/26/2009 5:36:55 PM

cecheto

Total Posts 52

View Posts

this feed is not available

Hello,

I just deployed mojoPortal to a site and I was willing to have a news feed from a blog that is in the private area, the proble is that the feed is always reporting "this feed is not available".

I am usint a Windows 2003 server with IIS 6.0 and a SQL Express 10.0. The verión of the mojoPortal is 2.3.1.0.

I have a blog that inside a page restricted to authenticated users with one news on it. In the wellcome page I have a Feeds Manager linked to the feed link that shows the blog page. It seems to work some way becase the I request the blog14rss.aspx file I got the empty feed.

Thanks,

7/27/2009 6:04:15 AM

Joe Audette

Total Posts 18439

View Posts

Re: this feed is not available

Hi,

Rss feeds do not currently support authentication. The feed manager makes a server side request for the feed and this does not have the same user context as the browser user so the feed must not require authentication.

Joe

7/27/2009 9:10:03 AM

dvandenh

Total Posts 55

View Posts

Re: this feed is not available

Sorry for jumping in on this question but trying to do something similar. Setting up an authenticated Intranet and wanted to use the feed manager content item to collect blog/news items from varying portions of the Intranet site. Anyway to pull this off? - Derek

7/27/2009 9:18:09 AM

Joe Audette

Total Posts 18439

View Posts

Re: this feed is not available

You can consume any feed from your local intranet and/or the internet if the web server also has access to the internet.

The problem is trying to put a blog on a private page secured by roles. If you do that the page view roles will also be enforced on the feed and this won't work. As long as the blog is on a page that is not protected by roles the feed manager can consume its feed. You can make it a hidden page by not including it in the menu but you can't both enforce view roles on the content and allow it to be consumed anonymously, its an either or thing.

So as long as you want to expose the content to all users on your intranet it will work fine. Wanting different users to see different feeds based on their roles is not so easy.

Hope it helps,

Joe

7/28/2009 5:23:54 AM

cecheto

Total Posts 52

View Posts

Re: this feed is not available

Sure it helped. I moved the blog to a public area.

Thanks,

Carlos

7/30/2009 10:20:55 AM

dvandenh

Total Posts 55

View Posts

Re: this feed is not available

All pages on the Intranet are only available to the Authenticated User role. Otherwise all could see. Am I missing something on how to protect the Intranet site from all "public" users but allow feed manager functionality within the Intranet site?

7/30/2009 1:48:40 PM

Joe Audette

Total Posts 18439

View Posts

Re: this feed is not available

An intranet is a private network so what public people can see it?

What kind of authentication are you using? The standard db authentication, or Windows or LDAP?

There is no way the feeds are going to work unless the blog is on a page where "All Users" can view it. "Authenticated Users" is a role just like any other role, users are added to that role automatically.

"All Users" is not really a role, it means no role is required.

RSS feeds are for publishing content to the public, they are not designed for role based security.

Best,

Joe

7/30/2009 2:23:20 PM

dvandenh

Total Posts 55

View Posts

Re: this feed is not available

I am using the authentication form through MOJO to authenticate users. Using the LDAP connection to our internal AD Domain for accounts. Thus, setting all pages in MOJO to only authenticated users, securing the Intranet to only internal account access. But, RSS not available to pages setup this way throws me for a loop. Planning on using blog's for new news items on pages throughout the site, all updating a main page RSS feed manager.

7/30/2009 2:33:19 PM

Joe Audette

Total Posts 18439

View Posts

Re: this feed is not available

So there are users on your local network that you don't want to be able to see these blog posts/news items?

The Blog itself can be on a private page and users in the role can see the blog on the page, but the feeds are a different story, RSS was not designed for that scenario. The only way I can think of it working is if the feed is being requested by the user's browser like some client side javascript feed reader, then the request for the feed is coming from the authenticate duser and has his cookies in the request headers.Maybe some kind of javscript widget thing like that exists and could be pasted into the source of an html module with the url to the feed.

But a server side feed aggregator that makes server side web requests is a tougher nut to crack to make an authenticated request. I'll do a little research on it and see if any good ideas come to mind.

Best,

Joe

7/31/2009 9:00:31 AM

Joe Audette

Total Posts 18439

View Posts

Re: this feed is not available

The only thing I can think of to accomodate this is a mechanism for bypassing the feed page security by passing an extra query string param like a Guid to the feed url when the feed url starts with the site root url. This guid could be stored in Web.config/user.config, the feed manager would detect if the feed was on the same site and if so append this guid as a query string param. The feed page would compare the guid and make sure it matches the one in Web.config and if so it would bypass the security checks and render the feed. Users woud never see the guid but it would not be 100% secure, someone with the abililty to sniff packets on the network could discover the guid by watching web traffic and then would be able to make a request to the feed url passing the guid and could get access to data in the feed. It would be relatively easy to implement and it would be relatively secure, it just depends on whether its strong enough security and what the risks are if this data was accessed. You could change the guid from time to time and the bypass feature could be disabled by removing the guid setting. By default it would not be enabled.

If I were to implement that would it meet your needs?

Best,

Joe

8/4/2009 2:07:06 AM

cecheto

Total Posts 52

View Posts

Re: this feed is not available

I think that what dvandenh is trying to do is what I intended first. Having the Blog in a private area so authenticated user can access to it only for posting, comenting and rating and at the same time having it in a second page allowing non registered pepole to see it and maybe cdo comments a ratings.

For this it should be able to place the same blog in a second page so we could vahe a structure liske this:

Private page: With a content of "Blog" that has an option like "Allow public access". If this option is checked the RSS feed will has public access.
Public page: With a content of like "Blog viewer" that links to the first blog and has options for "Allow public comments" and "Allow public ratings". This should also offer the public RSS feed.

You must sign in to post in the forums. This thread is closed to new posts.